|
|
|
@ -719,65 +719,180 @@ describe StatusesController do |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is public' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :public) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(:success) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is private' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :private) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http not_found' do |
|
|
|
|
expect(response).to have_http_status(404) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is direct' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :direct) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http not_found' do |
|
|
|
|
expect(response).to have_http_status(404) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when signed-in' do |
|
|
|
|
let(:user) { Fabricate(:user) } |
|
|
|
|
|
|
|
|
|
before do |
|
|
|
|
sign_in(user) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is public' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :public) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(:success) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is private' do |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :private) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
user.account.follow!(account) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(200) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is not authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http not_found' do |
|
|
|
|
expect(response).to have_http_status(404) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is direct' do |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :direct) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
Fabricate(:mention, account: user.account, status: status) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(200) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is not authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http not_found' do |
|
|
|
|
expect(response).to have_http_status(404) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'with signature' do |
|
|
|
|
let(:remote_account) { Fabricate(:account, domain: 'example.com') } |
|
|
|
|
|
|
|
|
|
before do |
|
|
|
|
allow(controller).to receive(:signed_request_actor).and_return(remote_account) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is public' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :public) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(:success) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is private' do |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :private) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
remote_account.follow!(account) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(200) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is not authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http not_found' do |
|
|
|
|
expect(response).to have_http_status(404) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when status is direct' do |
|
|
|
|
before do |
|
|
|
|
status.update(visibility: :direct) |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
Fabricate(:mention, account: remote_account, status: status) |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http success' do |
|
|
|
|
expect(response).to have_http_status(200) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
context 'when user is not authorized to see it' do |
|
|
|
|
pending |
|
|
|
|
before do |
|
|
|
|
get :activity, params: { account_username: account.username, id: status.id } |
|
|
|
|
end |
|
|
|
|
|
|
|
|
|
it 'returns http not_found' do |
|
|
|
|
expect(response).to have_http_status(404) |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|
end |
|
|
|
|